aboutsummaryrefslogtreecommitdiffstats
path: root/etc/eom.profile
diff options
context:
space:
mode:
authorLibravatar smitsohu <smitsohu@gmail.com>2018-03-28 01:20:21 +0200
committerLibravatar smitsohu <smitsohu@gmail.com>2018-03-28 03:23:59 +0200
commit7a37dc31ab907d55eb88f2fa259f37046952a0c5 (patch)
treeb6a3e76842eeb8c455e00585de0ab9fc38ef4fe0 /etc/eom.profile
parentEnable nodbus for keepassx and keepassxc profiles. (diff)
downloadfirejail-7a37dc31ab907d55eb88f2fa259f37046952a0c5.tar.gz
firejail-7a37dc31ab907d55eb88f2fa259f37046952a0c5.tar.zst
firejail-7a37dc31ab907d55eb88f2fa259f37046952a0c5.zip
recalibrate dbus access, deploy nodbus option
see #1822 and #1825. also systematically replaces 'blacklist /run/user/*/bus' with 'nodbus'. with contributions from @Fred-Barclay
Diffstat (limited to 'etc/eom.profile')
-rw-r--r--etc/eom.profile7
1 files changed, 4 insertions, 3 deletions
diff --git a/etc/eom.profile b/etc/eom.profile
index c7c92db0e..978fa78a4 100644
--- a/etc/eom.profile
+++ b/etc/eom.profile
@@ -5,8 +5,6 @@ include /etc/firejail/eom.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus - makes settings immutable
9
10noblacklist ${HOME}/.Steam 8noblacklist ${HOME}/.Steam
11noblacklist ${HOME}/.config/mate/eom 9noblacklist ${HOME}/.config/mate/eom
12noblacklist ${HOME}/.local/share/Trash 10noblacklist ${HOME}/.local/share/Trash
@@ -19,10 +17,13 @@ include /etc/firejail/disable-programs.inc
19 17
20include /etc/firejail/whitelist-var-common.inc 18include /etc/firejail/whitelist-var-common.inc
21 19
20# following line makes settings immutable
22apparmor 21apparmor
23caps.drop all 22caps.drop all
24# net none - makes settings immutable 23net none
25no3d 24no3d
25# following line makes settings immutable
26nodbus
26nodvd 27nodvd
27nogroups 28nogroups
28nonewprivs 29nonewprivs
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-29 03:01:30 +0000